I love this idea. I would also keep Disk encryption on the radar. Once a specific storage is chosen, a user should be able to encrypt it.
One thing I don’t like is permissions by apps. It should be by user. The encryption, also.
Finally, all user data should exist there. I’d hate to lose my Synapse chats if my freedom box SD fails, along with synced files and whatsoever.